By Devin Partida, Editor-in-Chief, ReHack.com
Hackers and other malicious actors are finding innovative ways to infiltrate the global supply chain. Some are even weaponizing artificial intelligence (AI) to develop advanced malware programs so they can strategically and stealthily execute cyber attacks.
Anyone who follows the news understands and feels the effects of the ongoing supply chain disruptions occurring worldwide. Whether it’s supply shortages in large retail chains or longer wait times for online orders, the supply chain is in a fragile state right now.
Below is a look at why supply chain cybersecurity attacks are becoming more frequent, some recent attacks, and some tips for professionals working in or with the global supply chain.
A Growing Number of Cyber Attacks on the Supply Chain
Recently, the European Union Agency for Cybersecurity (ENISA) analyzed 24 supply chain attacks from the past few years. The organization focused on reviewing supply chain cyber attacks carried out by advanced persistent threat (APT) actors and found that some of these attacks were highly complex.
In some of the attacks, ENISA found that the code, malware, and exploits were not that advanced, but the processes used to execute the attacks were. Of the 24 attacks studied, 11 were carried out by well-known APT groups.
ENISA concluded that even strong cybersecurity preventive measures are not enough to keep APT groups and other hackers at bay. Other findings from the report:
- Attackers focused on suppliers’ code in 66% of reported cybersecurity incidents.
- 58% of incidents predominantly targeted customer data, including personally identifiable information (PII).
- 62% of the attacks relied on malware.
- At the time of the report (July 2021), supply chain attacks were expected to increase fourfold during the remainder of the year.
Below are four examples of notable supply chain cybersecurity attacks in the past couple of years. Keep in mind that not all cyber attacks receive the news attention they should. Regardless, these incidents highlight how this cyber attack trend is becoming more concerning for companies working in the supply chain.
Recent Supply Chain Cyber Attacks
One of the reasons the number of supply chain attacks is increasing is that hackers greatly benefit from a domino effect. When one supplier is impacted, the rest of the supply chain can be too. This potentially leads to a variety of different material assets being compromised.
New types of cyber attacks, growing public awareness of cyber threats, and oversight from regulators contribute to an increased risk of supply chain cyber attacks. Below are four significant supply chain attacks and their impact on the respective companies.
SolarWinds
In early 2020, SolarWinds – a U.S. information technology (IT) firm – experienced a cyber attack that spread to some major clients, one being Microsoft. Foreign hackers, believed to be in Russia, executed the hack to spy on private companies, like FireEye, and even upper departments of the U.S. government, such as the Department of Homeland Security and the Treasury Department.
Reuters first reported the attack, which went undetected for months. Because multiple systems were hacked, recovering from the attack was challenging and expensive. Business Insider reports that it was one of the largest breaches in recent history in the U.S.
CodeCov
San Francisco-based tech startup CodeCov discovered in 2021 that its software platform had been compromised. It was a major supply chain cybersecurity attack that made headlines and impacted hundreds of clients.
The attackers in this instance not only exploited the company itself but were also planning on using the attack as a launchpad to target numerous other customer networks. Some of CodeCov’s clients included IBM, The Washington Post, GoDaddy, and the Royal Bank of Canada.
Mimecast
Mimecast is an IT security company that recently experienced a cyber attack executed by a sophisticated threat actor. Essentially, a Mimecast-issued certificate used to authenticate products with Microsoft 365 Exchange Web Services was compromised.
Mimecast later disclosed in a company blog post that about 10% of its customers used the connections affected by the compromise. Its total customer base was around 36,000, which meant 3,600 customers were potentially compromised.
Kaseya
Kaseya was one organization victimized by a cyber attack in July 2021. It was a supply chain attack that paralyzed 1,500 organizations.
Hackers broke into about 50 managed service providers (MSPs) that used Kaseya’s products. There were two gaping vulnerabilities found in Kaseya’s software. Once the attack was executed, data was encrypted, and ransoms of as much as $5 million were demanded before Kaseya could even alert anyone of the breach.
These four examples show how costly supply chain attacks can be, which is why supply chain management experts must do their due diligence in securing their networks and preventing these kinds of attacks.
Supply Chain Attack Mitigation Tips
Below are some suggestions for supply chain professionals looking to increase their cyber resiliency and protect their assets from potential supply chain cybersecurity threats. Aside from these tips, it’s crucial for supply chains to undergo a digital transformation, as many technologies can be leveraged to solve some other common supply chain problems.
- Make third-party risk management a top priority.
- Identify information and physical supply chain vulnerabilities and prioritize fixing them.
- Meet with key supply chain members and run audits regularly to ensure safety measures are in place.
- Consider creating a test lab that can uncover hidden hardware or software vulnerabilities and periodically test in-house or using an outside vendor — though you should first plan a secure onboarding approach to eliminate the potential for a vendor-related security breach.
- Research and consider adopting blockchain or Hyperledger technology to add much-needed security and transparency for internal systems.
Because of the supply chain’s current vulnerabilities, professionals within the supply chain must understand ways they can protect themselves and their critical infrastructure.
Expect More Supply Chain Cyber Attacks
The supply chain is a highly attractive target for malicious actors in today’s digital world. Steps must be taken to mitigate the risk of an attack, because a successful one sets off an inevitable domino effect.
One compromise could lead to hundreds of other breaches, and no company wants itself or its clients to experience a security breach. Consider some of the tips above to prevent supply chain cyber attacks.
Devin Partida is an industrial tech writer and the Editor-in-Chief of ReHack.com, a digital magazine for all things technology, big data, cryptocurrency, and more. To read more from Devin, please check out the site.